4 Comments

xml library vulnerabilities, regarding post-exploitation@avid: the reason I thought XML libraries were involved was because the files that were remotely put in my 'trash can' were all XML files that looked liked they had a few structs or something defined in them and werent just single scripts. I am not sure what the connection would be from those files to the infection process. But isnt XLS just a form of XML?

xml library vulnerabilities, regarding post-exploitation@john: maybe you could clarify for me, is it the program that would be exploited, via either its own xml libraries or other software flaw; or the xls file simply runs a VBA script, for instance, attached to a cell that makes changes to xml libraries somewhere else on the system?

May31

comment

xml library vulnerabilities, regarding post-exploitation@john: 14.0.2, from what i read about, the problem might have been just opening the xls file that was emailed to me. I didnt prevent the VBA scripts functionality from 'phoning out' and just opened the file because i trusted the sender.